Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   iStartSurf deinstallieren (https://www.trojaner-board.de/158218-istartsurf-deinstallieren.html)

Tinti 02.09.2014 08:30
iStartSurf deinstallieren
 
Hallo,

ich hab ein Problem. iStartSurf lässt sich nicht mehr deinstallieren. Wenn ich es versuche dann schreibt er mir dass ich keine Berechtigung dafür habe. Gestern konnte ich kein Office und Internet mehr öffnen, ich hab dann den Virenscan drüber laufen lassen und seit dem gehts wieder. Trotzdem kommt wenn ich google aufmache immer wieder das iStartSurf. Wie bekomme ich den Virus runter?

Lg

M-K-D-B 02.09.2014 08:32
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Tinti 02.09.2014 09:13
Code:
Nico Mak Computing
WinZip Malware Protector
 
Datum der Überprüfung Dienstag, 02. September 2014
Datenbankversion 1935
Gefundene Elemente insgesamt 253
Überprüfte Objekte: 262528
Abgelaufene Zeit: 00:05:54
Name Gefundene Elemente

Name der Infektion pup.globalupdate
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 111
 
Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdate.dll
MD5 0
Signatur 10348850114702906377
Md5hash:  148c0d2b53a597f9caa045ea9589ce97
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatehelper.msi
MD5 0
Signatur 0
Md5hash:  fc7a2f466f7a0f3e873077505719c1a1
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
 threadingmodel
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\progid
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
 threadingmodel
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\progid
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
 threadingmodel
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
 threadingmodel
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\globalupdate.oneclickctrl.10
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\globalupdate.oneclickctrl.10\clsid
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\globalupdate.update3webcontrol.4
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\globalupdate.update3webcontrol.4\clsid
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update
 path
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update
 version
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update
 globalupdate_task_name_c
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update
 lastchecked
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 name
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 bic
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 verifier
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 srcid_var
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 name
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 bic
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 verifier
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
 srcid_var
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
 name
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 rollcalldaystartsec
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 lastchecksuccess
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
 rollcalldaystartsec
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
 lastchecksuccess
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 pv
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 brand
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 installtime
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 rollcalldaystartsec
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
 lastchecksuccess
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstatemedium
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstatemedium\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\clientstatemedium\{08174260-1228-485d-9b4e-df23fe546e03}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\network
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\globalupdate\update\network\secure
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 appname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 apppath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 policy
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 appname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 apppath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 policy
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
 disableexceptionchainvalidation
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 path
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 productname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 vendor
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 version
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes\application/x-vnd.google.oneclickctrl.10
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 path
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 productname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 vendor
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 version
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes\application/x-vnd.google.update3webcontrol.4
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 delayedautostart
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 delayedautostart
 
 

Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 61
 
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\cltmngsvc.exe
MD5 0
Signatur 4008520455206799453
Md5hash:  d44da098e45085a2acaca6a92d575b8a
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\sptool.dll
MD5 0
Signatur 5502870926556351585
Md5hash:  147fd0b3c9bc7a66f0c8a399ca61cc0b
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\uninstall.exe
MD5 945616464127594250
Signatur 0
Md5hash:  45e9457a13020227b516933f4e13e75b
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\ui\bin\cltmngui.exe
MD5 0
Signatur 5043636912816771717
Md5hash:  b45855f3cfebca58389b19144e6d44d5
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\cltmng.exe
MD5 0
Signatur 13392094193946676137
Md5hash:  01041912765aac215ebf10746c304016
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\sptool64.exe
MD5 0
Signatur 5742242505403073202
Md5hash:  c885990e0c5489ddd11b098c54d349b8
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32.dll
MD5 0
Signatur 10559975309048136720
Md5hash:  598a964a8c1347722c2fd0c6b7f1c154
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll
MD5 0
Signatur 8283225535962601202
Md5hash:  9a41cf0d3927889ae686a1d105d14433
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64.dll
MD5 0
Signatur 14477932829830964117
Md5hash:  c826f27ee06f04ab30561269f3fd90d8
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64loader.dll
MD5 0
Signatur 3967124370264990919
Md5hash:  e85b2a2c30e46d7b0f7e92b9a9255d77
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\userrepository.dat
MD5 0
Signatur 0
Md5hash:  7f41fc2517fc97e49b009851eb0f9fc6
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\usersettings.dat
MD5 0
Signatur 0
Md5hash:  4d2aadbeb627ccb55d39752c919b7cae
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\ui\rep\uirepository.dat
MD5 0
Signatur 0
Md5hash:  f749579958724120bb26add6c52a06ac
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\ipc.dll
MD5 0
Signatur 2222954328128739501
Md5hash:  e3ca787c4ef41e3d3c212899dd361daf
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\xmldb.dll
MD5 0
Signatur 6164794545056868536
Md5hash:  e09fa1c699e985e4cf8cfc6457dba9f1
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\helper.dll
MD5 0
Signatur 9103839266922713970
Md5hash:  3f60c99839e22b593223eb083e1ae454
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  d858ba2ee718b1db1ced20646e641d08
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googlecrashhandler.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  03114dadbd9977fc823f95b21fb987e7
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  d858ba2ee718b1db1ced20646e641d08
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\cabex.dll
MD5 0
Signatur 16962820214776606692
Md5hash:  3f4049d8bf040812a96680c5a6b377fd
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\ytalsp.dll
MD5 0
Signatur 2574574794302051618
Md5hash:  6289966fd5c7d68cc37d526f6a40cdfa
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatebroker.exe
MD5 0
Signatur 11382960367386889684
Md5hash:  f98de4108614e4bb81e95e58e36c7000
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdateondemand.exe
MD5 0
Signatur 11382960367386889684
Md5hash:  7e767b342e55eb1dfd74a65d24ea4b70
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdateres_en.dll
MD5 0
Signatur 6050752766450381628
Md5hash:  4249db2978306091a48702bb6f9a42c2
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
MD5 0
Signatur 9274589362263618590
Md5hash:  624d999248a19d5dad757606a4457857
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psmachine.dll
MD5 0
Signatur 14069428750905708878
Md5hash:  fefef2f226fd6be184bc4a3378b02aaf
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psuser.dll
MD5 0
Signatur 14069428750905708878
Md5hash:  8d90bb3a36521b50d0e512a781e36871
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\roaming\istartsurf\uninstallmanager.exe
MD5 0
Signatur 11577995310399389985
Md5hash:  1608d54dc69ea7e763cdab78f71cafd6
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
 clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
 clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 id
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 url
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 suggestionsurl_json
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 showsearchsuggestions
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 deleted
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{6791a2f3-fc80-475c-a002-c014af797e9c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{6791a2f3-fc80-475c-a002-c014af797e9c}
 n
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 id
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayicon
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayversion
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 publisher
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 uninstallstring
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 spid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 environment
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 ts
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 description
 
 

Name der Infektion pup.superfish
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
MD5 0
Signatur 0
Md5hash:  5f24451ac3523b39f40c7cd87c4f0dbb
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash:  4f11aa3c6f98f8edf8f438b61f69d60e
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 numberofsubdomains
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 total
 
 

Name der Infektion pup.montieratoolbar
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage
MD5 0
Signatur 0
Md5hash:  f353360d74d4532256cff2bc1d810699
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash:  bf619eac0cdf3f68d496ea9344137e8b
 
 

Name der Infektion pup.searchprotect
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\cvc.dat
MD5 0
Signatur 0
Md5hash:  d01872cbb21925c587ff2d2d0d75b756
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 installdir
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 0
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 count
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 nextinstance
 
 

Name der Infektion pup.installcore
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 22
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 name
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 reg
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 t
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 tb
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 hp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 ds
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 insdate
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 instlref
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 aflt
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 c_ver
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
 uninstall
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 uninstall
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 sch_desc
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 sch_link
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 add_desc
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 add_link
 
 

Name der Infektion pup.1clickdownload
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 uid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall0
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall3
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall2
 
 

Name der Infektion pup.babylon
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 17
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 cr_ver
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 task_st
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 lastdyreportsch
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 rep
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 rstsp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 risp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 userid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 lastdllupdatecheck
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 ff21v.exe
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 crxupdater_d.exe
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 gglsp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 sqlt
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\updates
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\updates
 crxenb
 
 

Name der Infektion pup.delta
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
 
 
 

Name der Infektion pup.optional-snk
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
 n
 
 

Name der Infektion pup.shopperpro
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 flags
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 flags
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 count
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 time
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 loadtimearray
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 navtimearray
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 noexplorer
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 
 

Name der Infektion Restricted Settings
Kategorie Security Disabler 
Bedrohungsstufe Medium
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
 
Gefundener Bereich WindowsSettings
Details
Registrierungsschlüssel hkey_local_machine
 software\clients\startmenuinternet\iexplore.exe\shell\open\command
 
 
 
© 2013 WinZip International LLC. All rights reserved.
Hallo Matthias,
ich hoffe ich hab das richtig gemacht :-)

M-K-D-B 02.09.2014 09:14
Zitat:
Zitat von Tinti (Beitrag 1352876)
ich hoffe ich hab das richtig gemacht :-)
Nein, hast du dich!

WinZip Malware Protector ist selbst Adware, gleich wieder deinstallieren bitte... :lach:


Bitte lesen:
Download bei filepony.de: So ladet Ihr unsere Tools richtig!


FRST downloaden und wie beschrieben ausführen bitte.

Tinti 02.09.2014 13:17

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by Martina (administrator) on NB01KRZBMA on 02-09-2014 11:49:33
Running from D:\Martina\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Enigma Software Group USA, LLC.) C:\Config.Msi\1d5c40e.rbf
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 11:49 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-02 10:55 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-01 22:36 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 11:49 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-02 11:45 - 2013-06-14 23:43 - 01698497 _____ () C:\Windows\WindowsUpdate.log
2014-09-02 10:55 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:44 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-01 22:44 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-01 22:36 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-01 22:35 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:35 - 2009-07-14 06:51 - 00075045 _____ () C:\Windows\setupact.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 21:48 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 13:10 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:13 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World
2014-08-03 11:04 - 2013-06-16 18:02 - 00000000 ____D () C:\Users\Martina\AppData\Local\Microsoft Help

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

Tinti 02.09.2014 13:24
[CODE]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by Martina at 2014-09-02 11:50:24
Running from D:\Martina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A
Nico Mak Computing
WinZip Malware Protector

Datum der Überprüfung Dienstag, 02. September 2014
Datenbankversion 1935
Gefundene Elemente insgesamt 253
Überprüfte Objekte: 262528
Abgelaufene Zeit: 00:05:54
Name Gefundene Elemente

Name der Infektion pup.globalupdate
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 111

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdate.dll
MD5 0
Signatur 10348850114702906377
Md5hash: 148c0d2b53a597f9caa045ea9589ce97


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatehelper.msi
MD5 0
Signatur 0
Md5hash: fc7a2f466f7a0f3e873077505719c1a1


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\progid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\progid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10\clsid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4\clsid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
path


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
version


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
globalupdate_task_name_c


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
lastchecked


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
bic


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
verifier


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
srcid_var


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
bic


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
verifier


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
srcid_var


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
brand


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
installtime


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network\secure



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
appname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
apppath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
policy


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
appname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
apppath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
policy


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
disableexceptionchainvalidation


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{5645e0e7-fc12-43bf-a6e4-f9751942b298}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
path


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
description


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
productname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
vendor


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10
version


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes\application/x-vnd.google.oneclickctrl.10



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
path


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
description


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
productname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
vendor


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4
version


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes\application/x-vnd.google.update3webcontrol.4



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
type


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
start


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
errorcontrol


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
imagepath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
dependonservice


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
wow64


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
objectname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
description


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdate
delayedautostart


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
type


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
start


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
errorcontrol


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
imagepath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
dependonservice


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
wow64


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
objectname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
description


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\globalupdatem
delayedautostart



Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 61

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\cltmngsvc.exe
MD5 0
Signatur 4008520455206799453
Md5hash: d44da098e45085a2acaca6a92d575b8a


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\sptool.dll
MD5 0
Signatur 5502870926556351585
Md5hash: 147fd0b3c9bc7a66f0c8a399ca61cc0b


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\uninstall.exe
MD5 945616464127594250
Signatur 0
Md5hash: 45e9457a13020227b516933f4e13e75b


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\ui\bin\cltmngui.exe
MD5 0
Signatur 5043636912816771717
Md5hash: b45855f3cfebca58389b19144e6d44d5


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\cltmng.exe
MD5 0
Signatur 13392094193946676137
Md5hash: 01041912765aac215ebf10746c304016


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\sptool64.exe
MD5 0
Signatur 5742242505403073202
Md5hash: c885990e0c5489ddd11b098c54d349b8


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32.dll
MD5 0
Signatur 10559975309048136720
Md5hash: 598a964a8c1347722c2fd0c6b7f1c154


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll
MD5 0
Signatur 8283225535962601202
Md5hash: 9a41cf0d3927889ae686a1d105d14433


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64.dll
MD5 0
Signatur 14477932829830964117
Md5hash: c826f27ee06f04ab30561269f3fd90d8


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64loader.dll
MD5 0
Signatur 3967124370264990919
Md5hash: e85b2a2c30e46d7b0f7e92b9a9255d77


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\userrepository.dat
MD5 0
Signatur 0
Md5hash: 7f41fc2517fc97e49b009851eb0f9fc6


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\usersettings.dat
MD5 0
Signatur 0
Md5hash: 4d2aadbeb627ccb55d39752c919b7cae


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\ui\rep\uirepository.dat
MD5 0
Signatur 0
Md5hash: f749579958724120bb26add6c52a06ac


Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\ipc.dll
MD5 0
Signatur 2222954328128739501
Md5hash: e3ca787c4ef41e3d3c212899dd361daf


Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\xmldb.dll
MD5 0
Signatur 6164794545056868536
Md5hash: e09fa1c699e985e4cf8cfc6457dba9f1


Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\helper.dll
MD5 0
Signatur 9103839266922713970
Md5hash: 3f60c99839e22b593223eb083e1ae454


Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googlecrashhandler.exe
MD5 0
Signatur 12264191390500570615
Md5hash: 03114dadbd9977fc823f95b21fb987e7


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash: d858ba2ee718b1db1ced20646e641d08


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\cabex.dll
MD5 0
Signatur 16962820214776606692
Md5hash: 3f4049d8bf040812a96680c5a6b377fd


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\ytalsp.dll
MD5 0
Signatur 2574574794302051618
Md5hash: 6289966fd5c7d68cc37d526f6a40cdfa


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatebroker.exe
MD5 0
Signatur 11382960367386889684
Md5hash: f98de4108614e4bb81e95e58e36c7000


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdateondemand.exe
MD5 0
Signatur 11382960367386889684
Md5hash: 7e767b342e55eb1dfd74a65d24ea4b70


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdateres_en.dll
MD5 0
Signatur 6050752766450381628
Md5hash: 4249db2978306091a48702bb6f9a42c2


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
MD5 0
Signatur 9274589362263618590
Md5hash: 624d999248a19d5dad757606a4457857


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psmachine.dll
MD5 0
Signatur 14069428750905708878
Md5hash: fefef2f226fd6be184bc4a3378b02aaf


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psuser.dll
MD5 0
Signatur 14069428750905708878
Md5hash: 8d90bb3a36521b50d0e512a781e36871


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\roaming\istartsurf\uninstallmanager.exe
MD5 0
Signatur 11577995310399389985
Md5hash: 1608d54dc69ea7e763cdab78f71cafd6


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
url


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
suggestionsurl_json


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
showsearchsuggestions


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
deleted


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{6791a2f3-fc80-475c-a002-c014af797e9c}
n


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
id


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayicon


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
displayversion


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
publisher


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\uninstall\searchprotect
uninstallstring


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
spid


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
environment


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
ts


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
type


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
start


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
errorcontrol


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
imagepath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
wow64


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
objectname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
dependonservice


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\cltmngsvc
description



Name der Infektion pup.superfish
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
MD5 0
Signatur 0
Md5hash: 5f24451ac3523b39f40c7cd87c4f0dbb


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: 4f11aa3c6f98f8edf8f438b61f69d60e


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
numberofsubdomains


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\internet explorer\domstorage\superfish.com
total



Name der Infektion pup.montieratoolbar
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage
MD5 0
Signatur 0
Md5hash: f353360d74d4532256cff2bc1d810699


Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash: bf619eac0cdf3f68d496ea9344137e8b



Name der Infektion pup.searchprotect
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\cvc.dat
MD5 0
Signatur 0
Md5hash: d01872cbb21925c587ff2d2d0d75b756


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\searchprotect
installdir


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
type


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
start


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
errorcontrol


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
imagepath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
displayname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd
wow64


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
0


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
count


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
system\currentcontrolset\services\sppd\enum
nextinstance



Name der Infektion pup.installcore
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 22

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\1i1t1q1s
reg


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
t


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
tb


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
hp


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore
ds


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
insdate


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
instlref


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
aflt


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\mysearchdial
c_ver


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
uninstall


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
uninstall


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_desc


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
sch_link


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_desc


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
add_link



Name der Infektion pup.1clickdownload
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
uid


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall0


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall3


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\1clickdownload
lastinstall2



Name der Infektion pup.babylon
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 17

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
cr_ver


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
task_st


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdyreportsch


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rep


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
rstsp


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
risp


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
userid


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater
lastdllupdatecheck


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
ff21v.exe


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\busolutrunningupdt
crxupdater_d.exe


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
gglsp


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\report
sqlt


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\babsolution\updater\updates
crxenb



Name der Infektion pup.delta
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}




Name der Infektion pup.optional-snk
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
n



Name der Infektion pup.shopperpro
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
flags


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
type


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
flags


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
count


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
time


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
loadtimearray


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
navtimearray


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
noexplorer


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}




Name der Infektion Restricted Settings
Kategorie Security Disabler
Bedrohungsstufe Medium
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1

Gefundener Bereich WindowsSettings
Details
Registrierungsschlüssel hkey_local_machine
software\clients\startmenuinternet\iexplore.exe\shell\open\command



© 2013 WinZip International LLC. All rights reserved.
B0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FindRight (HKLM\...\FindRight) (Version: 2014.02.18.181234 - FindRight) <==== ATTENTION
FLVPlayer (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FLVPlayer) <==== ATTENTION
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version: - High-Logic B.V.)
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf) <==== ATTENTION
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version: - Mysearchdial) <==== ATTENTION
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version: - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.1.22 - Client Connect LTD) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version: - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {CC0AA8B8-4984-4151-9A68-08465D6D829C} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {F71B22B6-2AE6-45F4-BF99-434CCA5975EA} - System32\Tasks\EPUpdater => C:\Users\Martina\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job => C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-21 16:10 - 2014-08-07 16:00 - 03211776 _____ () C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-08-07 15:57 - 2014-08-07 15:57 - 01257472 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8190

Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8190

Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7191

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7191

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6162

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6162

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5101


System errors:
=============
Error: (09/01/2014 10:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 10:35:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 02:38:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde nicht richtig gestartet.

Error: (09/01/2014 02:37:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/01/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 02:30:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/01/2014 02:29:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 01:11:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/01/2014 01:10:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/31/2014 06:24:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.


Microsoft Office Sessions:
=========================
Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8190

Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8190

Error: (09/02/2014 11:42:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7191

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7191

Error: (09/02/2014 11:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6162

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6162

Error: (09/02/2014 11:42:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/02/2014 11:42:46 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5101


CodeIntegrity Errors:
===================================
Date: 2013-08-03 00:31:49.584
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-03 00:31:49.581
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-03 00:31:49.578
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-03 00:31:49.555
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-03 00:31:49.551
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-03 00:31:49.545
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-01 10:10:32.741
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-01 10:10:32.739
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-01 10:10:32.736
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-08-01 10:10:32.718
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 65%
Total physical RAM: 4077.86 MB
Available physical RAM: 1420.95 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4849.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Nico Mak Computing
WinZip Malware Protector

Datum der Überprüfung Dienstag, 02. September 2014
Datenbankversion 1935
Gefundene Elemente insgesamt 253
Überprüfte Objekte: 262528
Abgelaufene Zeit: 00:05:54
Name Gefundene Elemente

Name der Infektion pup.globalupdate
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 111

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdate.dll
MD5 0
Signatur 10348850114702906377
Md5hash: 148c0d2b53a597f9caa045ea9589ce97


Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatehelper.msi
MD5 0
Signatur 0
Md5hash: fc7a2f466f7a0f3e873077505719c1a1


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{5645e0e7-fc12-43bf-a6e4-f9751942b298}\progid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}\progid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{cfc47bb5-5fb5-4ad0-8427-6aa04334a3fc}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\clsid\{e0adb535-d7b5-4d8b-b15d-578bdd20d76a}\inprocserver32
threadingmodel


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.oneclickctrl.10\clsid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\classes\globalupdate.update3webcontrol.4\clsid



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
path


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
version


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
globalupdate_task_name_c


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update
lastchecked


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
bic


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
verifier


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
srcid_var


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
bic


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
verifier


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{08174260-1228-485d-9b4e-df23fe546e03}
srcid_var


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clients\{430fd4d0-b729-4f61-aa34-91526481799d}
name


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{00ba8a8f-c20a-4328-8e58-8463b52ba450}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{08174260-1228-485d-9b4e-df23fe546e03}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
pv


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
brand


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
installtime


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
rollcalldaystartsec


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstate\{430fd4d0-b729-4f61-aa34-91526481799d}
lastchecksuccess


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{00ba8a8f-c20a-4328-8e58-8463b52ba450}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\clientstatemedium\{08174260-1228-485d-9b4e-df23fe546e03}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\globalupdate\update\network\secure



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
appname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
apppath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
policy


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}



Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
appname


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
apppath


Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
software\microsoft\internet explorer\low rights\elevationpolicy\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
policy

Tinti 02.09.2014 13:26
Das ist jetzt der zweite Teil von Addition txt. Da es zuviele Zeichen sind. :-)

Code:
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows nt\currentversion\image file execution options\googleupdate.exe
 disableexceptionchainvalidation
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{5645e0e7-fc12-43bf-a6e4-f9751942b298}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{c7bf8f4b-7bc7-4f42-b944-3d28a3a86d8a}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 path
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 productname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 vendor
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10
 version
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=10\mimetypes\application/x-vnd.google.oneclickctrl.10
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 path
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 productname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 vendor
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4
 version
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\mozillaplugins\@staging.google.com/globalupdate update;version=4\mimetypes\application/x-vnd.google.update3webcontrol.4
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdate
 delayedautostart
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 description
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\globalupdatem
 delayedautostart
 
 

Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 61
 
Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\cltmngsvc.exe
MD5 0
Signatur 4008520455206799453
Md5hash:  d44da098e45085a2acaca6a92d575b8a
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\sptool.dll
MD5 0
Signatur 5502870926556351585
Md5hash:  147fd0b3c9bc7a66f0c8a399ca61cc0b
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\main\bin\uninstall.exe
MD5 945616464127594250
Signatur 0
Md5hash:  45e9457a13020227b516933f4e13e75b
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\ui\bin\cltmngui.exe
MD5 0
Signatur 5043636912816771717
Md5hash:  b45855f3cfebca58389b19144e6d44d5
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\cltmng.exe
MD5 0
Signatur 13392094193946676137
Md5hash:  01041912765aac215ebf10746c304016
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\sptool64.exe
MD5 0
Signatur 5742242505403073202
Md5hash:  c885990e0c5489ddd11b098c54d349b8
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32.dll
MD5 0
Signatur 10559975309048136720
Md5hash:  598a964a8c1347722c2fd0c6b7f1c154
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc32loader.dll
MD5 0
Signatur 8283225535962601202
Md5hash:  9a41cf0d3927889ae686a1d105d14433
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64.dll
MD5 0
Signatur 14477932829830964117
Md5hash:  c826f27ee06f04ab30561269f3fd90d8
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\searchprotect\searchprotect\bin\spvc64loader.dll
MD5 0
Signatur 3967124370264990919
Md5hash:  e85b2a2c30e46d7b0f7e92b9a9255d77
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\userrepository.dat
MD5 0
Signatur 0
Md5hash:  7f41fc2517fc97e49b009851eb0f9fc6
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\usersettings.dat
MD5 0
Signatur 0
Md5hash:  4d2aadbeb627ccb55d39752c919b7cae
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\ui\rep\uirepository.dat
MD5 0
Signatur 0
Md5hash:  f749579958724120bb26add6c52a06ac
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\ipc.dll
MD5 0
Signatur 2222954328128739501
Md5hash:  e3ca787c4ef41e3d3c212899dd361daf
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\xmldb.dll
MD5 0
Signatur 6164794545056868536
Md5hash:  e09fa1c699e985e4cf8cfc6457dba9f1
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\youtube accelerator\helper.dll
MD5 0
Signatur 9103839266922713970
Md5hash:  3f60c99839e22b593223eb083e1ae454
 

Gefundener Bereich Memory
Details
Dateiname c:\program files (x86)\globalupdate\update\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  d858ba2ee718b1db1ced20646e641d08
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googlecrashhandler.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  03114dadbd9977fc823f95b21fb987e7
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdate.exe
MD5 0
Signatur 12264191390500570615
Md5hash:  d858ba2ee718b1db1ced20646e641d08
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\cabex.dll
MD5 0
Signatur 16962820214776606692
Md5hash:  3f4049d8bf040812a96680c5a6b377fd
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\youtube accelerator\ytalsp.dll
MD5 0
Signatur 2574574794302051618
Md5hash:  6289966fd5c7d68cc37d526f6a40cdfa
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdatebroker.exe
MD5 0
Signatur 11382960367386889684
Md5hash:  f98de4108614e4bb81e95e58e36c7000
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\googleupdateondemand.exe
MD5 0
Signatur 11382960367386889684
Md5hash:  7e767b342e55eb1dfd74a65d24ea4b70
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\goopdateres_en.dll
MD5 0
Signatur 6050752766450381628
Md5hash:  4249db2978306091a48702bb6f9a42c2
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\npgoogleupdate4.dll
MD5 0
Signatur 9274589362263618590
Md5hash:  624d999248a19d5dad757606a4457857
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psmachine.dll
MD5 0
Signatur 14069428750905708878
Md5hash:  fefef2f226fd6be184bc4a3378b02aaf
 

Gefundener Bereich FileSystem
Details
Dateiname c:\program files (x86)\globalupdate\update\1.3.25.0\psuser.dll
MD5 0
Signatur 14069428750905708878
Md5hash:  8d90bb3a36521b50d0e512a781e36871
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\roaming\istartsurf\uninstallmanager.exe
MD5 0
Signatur 11577995310399389985
Md5hash:  1608d54dc69ea7e763cdab78f71cafd6
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
 clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_classes_root
 clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 id
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 url
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 suggestionsurl_json
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 showsearchsuggestions
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\searchscopes\{014db5fa-eafb-4592-a95b-f44d3ee87fa9}
 deleted
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{6791a2f3-fc80-475c-a002-c014af797e9c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{6791a2f3-fc80-475c-a002-c014af797e9c}
 n
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{1aa60054-57d9-4f99-9a55-d0fbfbe7ecd3}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\clsid\{4aa46d49-459f-4358-b4d1-169048547c23}
 id
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayicon
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 displayversion
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 publisher
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\uninstall\searchprotect
 uninstallstring
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 spid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 environment
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 ts
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 objectname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 dependonservice
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\cltmngsvc
 description
 
 

Name der Infektion pup.superfish
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
MD5 0
Signatur 0
Md5hash:  5f24451ac3523b39f40c7cd87c4f0dbb
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash:  4f11aa3c6f98f8edf8f438b61f69d60e
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 numberofsubdomains
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\internet explorer\domstorage\superfish.com
 total
 
 

Name der Infektion pup.montieratoolbar
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage
MD5 0
Signatur 0
Md5hash:  f353360d74d4532256cff2bc1d810699
 

Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\google\chrome\user data\default\local storage\http_www.trovi.com_0.localstorage-journal
MD5 0
Signatur 0
Md5hash:  bf619eac0cdf3f68d496ea9344137e8b
 
 

Name der Infektion pup.searchprotect
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
 
Gefundener Bereich FileSystem
Details
Dateiname c:\users\martina\appdata\local\searchprotect\searchprotect\rep\cvc.dat
MD5 0
Signatur 0
Md5hash:  d01872cbb21925c587ff2d2d0d75b756
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\searchprotect
 installdir
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 start
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 errorcontrol
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 imagepath
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 displayname
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd
 wow64
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 0
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 count
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 system\currentcontrolset\services\sppd\enum
 nextinstance
 
 

Name der Infektion pup.installcore
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 22
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 name
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\1i1t1q1s
 reg
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 t
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 tb
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 hp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore
 ds
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 insdate
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 instlref
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 aflt
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\mysearchdial
 c_ver
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0f1l1g1q0r1l1n1m2z
 uninstall
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 uninstall
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 sch_desc
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 sch_link
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 add_desc
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\installcore\uninstall\0m2u0s1p1t1c1r1m0d1l1t1i
 add_link
 
 

Name der Infektion pup.1clickdownload
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 5
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 uid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall0
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall3
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\1clickdownload
 lastinstall2
 
 

Name der Infektion pup.babylon
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 17
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 cr_ver
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 task_st
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 lastdyreportsch
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 rep
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 rstsp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 risp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 userid
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater
 lastdllupdatecheck
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 ff21v.exe
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\busolutrunningupdt
 crxupdater_d.exe
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 gglsp
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\report
 sqlt
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\updates
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\babsolution\updater\updates
 crxenb
 
 

Name der Infektion pup.delta
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\classes\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
 
 
 

Name der Infektion pup.optional-snk
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\{3a7d3e19-1b79-4e4e-bd96-5467da2c4ef0}
 n
 
 

Name der Infektion pup.shopperpro
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 13
 
Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\settings\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 flags
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 type
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 flags
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 count
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 time
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 loadtimearray
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_current_user
 software\microsoft\windows\currentversion\ext\stats\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}\iexplore
 navtimearray
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\explorer\browser helper objects\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 noexplorer
 

Gefundener Bereich Registry
Details
Registrierungsschlüssel hkey_local_machine
 software\microsoft\windows\currentversion\ext\preapproved\{a5a51d2a-505a-4d84-afc6-e0fa87e47b8c}
 
 
 

Name der Infektion Restricted Settings
Kategorie Security Disabler 
Bedrohungsstufe Medium
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
 
Gefundener Bereich WindowsSettings
Details
Registrierungsschlüssel hkey_local_machine
 software\clients\startmenuinternet\iexplore.exe\shell\open\command
 
 
 
© 2013 WinZip International LLC. All rights reserved.

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:31.81 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.35 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

==================== End Of Log ============================
[/CODE]

M-K-D-B 02.09.2014 18:09
Servus,



Zitat:
Running from D:\Martina\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.




FRST nochmal:

  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.

Tinti 03.09.2014 07:46
teil 1

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-03 08:21:50
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\WiScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

Tinti 03.09.2014 07:55
teil 2

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

Tinti 03.09.2014 07:55
Teil 3

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================ndows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:21:16
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:21 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

Tinti 03.09.2014 07:57
Teil 4

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:21 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\WiScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&

Tinti 03.09.2014 07:58
Teil 5

[CODEChrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed][/CODE]

Tinti 03.09.2014 08:00
Teil 6

[CODE]LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---
ndows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:21:16
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:21 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

Tinti 03.09.2014 08:04
Teil 7

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:21 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FindRight (HKLM\...\FindRight) (Version: 2014.02.18.181234 - FindRight) <==== ATTENTION
FLVPlayer (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FLVPlayer) <==== ATTENTION
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version:  - istartsurf) <==== ATTENTION
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.1.22 - Client Connect LTD) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WindowsMangerProtect20.0.0.722 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: {CC0AA8B8-4984-4151-9A68-08465D6D829C} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert <==== ATTENTION
Task: {F71B22B6-2AE6-45F4-BF99-434CCA5975EA} - System32\Tasks\EPUpdater => C:\Users\Martina\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job => C:\Program Files (x86)\TheGoPhoto.it V10\TheGoPhoto.it V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job => C:\Program Files (x86)\TheGoPhoto.it V10\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job => C:\Program Files (x86)\TheHDvid-Codec V10\TheHDvid-Codec V10-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job => C:\Program Files (x86)\TheHDvid-Codec V10\3bd2a66d-6045-4320-bce5-355ba9209e38-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-21 16:10 - 2014-08-07 16:00 - 03211776 _____ () C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-08-07 15:57 - 2014-08-07 15:57 - 01257472 _____ () C:\Program Files\Common Files\ShopperPro\spbici32.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585608

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585608

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/03/2014 07:46:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/03/2014 07:46:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:45:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:44:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎09.‎2014 um 07:43:25 unerwartet heruntergefahren.

Error: (09/01/2014 10:35:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 10:35:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 02:38:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde nicht richtig gestartet.

Error: (09/01/2014 02:37:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/01/2014 02:36:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/01/2014 02:30:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585608

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585608

Error: (09/03/2014 07:43:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 4077.86 MB
Available physical RAM: 2094.05 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5684.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:31.25 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.34 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Teil 1

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

Tinti 03.09.2014 08:05
Teil 2

Code:
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\WiScan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe

Tinti 03.09.2014 08:06
Teil 3

Code:
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:

       
Code:

       
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================

--- --- ---
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:17:04
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

Tinti 03.09.2014 08:07
Teil 4

[CODE]==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:17 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:17 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================ndows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 08:21:16
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2227048 2014-08-21] (GOOBZO)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.exe [3211776 2014-08-07] ()
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232408 2014-08-31] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187352 2014-08-31] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (simplitec)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=55&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll (Goobzo Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll (Goobzo Ltd.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: FindRight -> {cf710881-c002-4ea4-860a-b6931b040948} -> C:\Program Files (x86)\FindRight\FindRightbho.dll (FindRight)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll (Goobzo Ltd.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF NewTab: hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF DefaultSearchEngine: istartsurf
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: TheHDvid-Codec V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\43f13f31-cec7-4ac7-ad4a-18dfdaeae120@gmail.com [2014-08-21]
FF Extension: TheGoPhoto.it V10 - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\EWBNO58637124@CLP39222015.com [2014-08-21]
FF Extension: Fast Start - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Shopper-Pro - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-08-21]
FF Extension: FindRight - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\firefox@myfindright.com.xpi [2014-02-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-13]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (DVDVideoSoft) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-07-14]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR Extension: (Extutil) - C:\Users\Martina\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-31]
CHR Extension: (Managera) - C:\Users\Martina\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-31]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-13]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.istartsurf.com/?type=sc&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX

==================== Services (Whitelisted) =================
Teil 5

Code:
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-08-31] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-21] (globalUpdate) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-08-07] (ShopperPro)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-08-21] (Fuyu LIMITED) [File not signed]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-21] (GOOBZO)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-08-07] ()
R2 SPDRIVER_1.37.0.486; C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.486\jsdrv.sys [52584 2014-08-07] ()
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 11:49 - 2014-09-03 08:21 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:16 - 2014-09-01 21:49 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 16:16 - 2014-08-30 16:17 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 07:47 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:13 - 2014-09-01 22:20 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-08-21 16:13 - 2014-08-21 16:14 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-09-01 22:21 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-23 10:00 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:09 - 2014-08-21 16:10 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-09-02 07:15 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:21 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:54 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 07:53 - 2013-06-14 23:43 - 01758725 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 07:47 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-03 07:46 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:44 - 2009-07-14 06:51 - 00075101 _____ () C:\Windows\setupact.log
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-09-02 14:08 - 2014-09-02 14:08 - 00000000 ____D () C:\Program Files (x86)\SpeedMaxPc
2014-09-02 14:02 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:15 - 2014-08-21 16:08 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\istartsurf
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 22:35 - 2013-06-15 03:18 - 00323572 _____ () C:\Windows\PFRO.log
2014-09-01 22:21 - 2014-08-21 16:12 - 00000000 ____D () C:\Program Files (x86)\FLVPlayer
2014-09-01 22:20 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\TheGoPhoto.it V10
2014-09-01 22:20 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\TheHDvid-Codec V10
2014-09-01 21:49 - 2014-08-30 16:16 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-30 16:18 - 2014-08-30 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-30 16:17 - 2014-08-30 16:16 - 00000000 _____ () C:\END
2014-08-30 16:16 - 2014-08-30 16:16 - 00000000 ____D () C:\Users\Martina\AppData\Local\SearchProtect
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 10:00 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YouTube Accelerator
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:23 - 2014-08-22 18:23 - 00000000 ____D () C:\ProgramData\374311380
2014-08-21 16:15 - 2014-08-21 16:15 - 00004492 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-11.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001818 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-1.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001700 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5_user.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001680 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-5.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00001410 _____ () C:\Windows\Tasks\16e09ab7-bf32-41db-a5e3-0520997d5fd9-2.job
2014-08-21 16:15 - 2014-08-21 16:15 - 00000896 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cfbd4a5e77343e.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001826 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-1.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001704 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5_user.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001684 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-5.job
2014-08-21 16:14 - 2014-08-21 16:14 - 00001414 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-2.job
2014-08-21 16:14 - 2014-08-21 16:13 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-21 16:13 - 2014-08-21 16:13 - 00004494 _____ () C:\Windows\Tasks\3bd2a66d-6045-4320-bce5-355ba9209e38-11.job
2014-08-21 16:13 - 2014-08-21 16:13 - 00000000 ____D () C:\Users\Martina\AppData\Local\globalUpdate
2014-08-21 16:12 - 2014-08-21 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FLVPlayer
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:10 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\YTAHelper
2014-08-21 16:10 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files (x86)\ShopperPro
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-08-21 16:08 - 2014-08-21 16:08 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-21 16:08 - 2013-06-16 16:53 - 00002354 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-21 16:08 - 2013-06-15 00:32 - 00001358 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-21 16:08 - 2013-06-14 23:49 - 00001649 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

M-K-D-B 03.09.2014 08:20
Servus,



Wir beginnen so:




Schritt 1
  • Lade dir bitte die folgendes Programm auf deinen Desktop: SpyHunterKiller.exe
  • Starte das Tool und klicke Weiter.
  • Sobald das Tool fertig ist, klicke auf Ende, um das Programm zu beenden.






Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.






Schritt 4

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 5
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von JRT,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.

Tinti 03.09.2014 14:45
Hallo,

ich kann Schritt 1 nicht ausführen weil steht dass auf das folgende Gerät bzw. Programm nicht zugegriffen werden kann.

Lg

Code:
# AdwCleaner v3.309 - Bericht erstellt am 03/09/2014 um 15:28:56
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Martina - NB01KRZBMA
# Gestartet von : D:\Martina\Desktop\adwcleaner_3.309.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
[#] Dienst Gelöscht : IePluginServices
Dienst Gelöscht : SPBIUpd
[#] Dienst Gelöscht : SPBIUpdd
[#] Dienst Gelöscht : Wajam Internet Enhancer Service
Dienst Gelöscht : WindowsMangerProtect

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\374311380
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\ShopperPro
Ordner Gelöscht : C:\ProgramData\SpeedMaxPc
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\YTAHelper
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\FindRight
Ordner Gelöscht : C:\Program Files (x86)\FlvPlayer
[!] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\ShopperPro
Ordner Gelöscht : C:\Program Files (x86)\SpeedMaxPc
Ordner Gelöscht : C:\Program Files (x86)\YouTube Accelerator
Ordner Gelöscht : C:\Program Files (x86)\YTAHelper
Ordner Gelöscht : C:\Program Files (x86)\Common Files\SpeedMaxPc
[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Users\Martina\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Martina\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\Goobzo
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\istartsurf
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\NCH Software
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc
Ordner Gelöscht : D:\Martina\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\LiveSupport.exe_log.txt
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\regsvr32.exe_log.txt
Datei Gelöscht : D:\Martina\Desktop\SpeedMaxPc.lnk
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\invalidprefs.js
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\BrowserDefender.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\istartsurf.xml
Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : BrowserDefendert
Task Gelöscht : EPUpdater

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Chrome App Launcher.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Keep.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [livesupport]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FindRight_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SPDriver]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\5957d88db46eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644334415}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332213}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622332215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335513}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655335515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336613}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666336615}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\FindRight
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\Goobzo
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\FindRight
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Goobzo
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\simplitec
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FindRight
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v13.0.1 (de)

[ Datei : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.istartsurf.com/newtab/?type=nt&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "istartsurf");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "istartsurf");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.istartsurf.com/?type=hp&ts=1408630080&from=smt&uid=HitachiXHTS545025A7E380_TA8A123VCMXWMTCMXWMTX");

-\\ Google Chrome v36.0.1985.143

[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=2A6D90004EB858ED&affID=121563&tsp=4942
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0BtBtDtDyE0E0BzzyDzz0E0DtD0ByBtBtN0D0Tzu0CyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1134954845&ir=
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325386&octid=EB_ORIGINAL_CTID&ISID=MBE1B69C2-1A5C-4CA3-9376-6B92DBDE9BCF&SearchSource=58&CUI=&UM=6&UP=SPAA41E917-BF56-450F-9DCA-0EBCA6938BAD&q={searchTerms}&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [27292 octets] - [03/09/2014 15:13:29]
AdwCleaner[R1].txt - [27353 octets] - [03/09/2014 15:25:13]
AdwCleaner[S0].txt - [23904 octets] - [03/09/2014 15:28:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23965 octets] ##########

M-K-D-B 03.09.2014 14:53
Servus,



ok, dann weiter mit den anderen Schritte bitte. :)

Tinti 03.09.2014 15:29
Anhang 69203

M-K-D-B 03.09.2014 16:28
Das ist nicht die Logdatei des Suchlaufs, diese bitte noch nachreichen.

Nun weiter mit JRT und FRST wie beschrieben.

Tinti 03.09.2014 16:33
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 03-09-2014 16:25:50
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com [2013-08-18]
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-21]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-03 16:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-03 16:25 - 00000000 ____D () C:\FRST
2014-09-02 09:52 - 2014-09-02 10:40 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-25 23:05 - 2014-09-03 14:45 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-08-23 12:40 - 2014-08-23 21:29 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 16:25 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:19 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 16:14 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 16:12 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-03 16:10 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 16:10 - 2009-07-14 06:51 - 00075213 _____ () C:\Windows\setupact.log
2014-09-03 16:09 - 2013-06-15 03:18 - 00439506 _____ () C:\Windows\PFRO.log
2014-09-03 16:09 - 2013-06-14 23:43 - 01774922 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00001241 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 14:45 - 2014-08-25 23:05 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job
2014-09-03 07:47 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 10:40 - 2014-09-02 09:52 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Nico Mak Computing
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:08 - 2014-09-02 07:08 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 21:29 - 2014-08-23 12:40 - 00000470 _____ () C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:10 - 2014-08-21 16:10 - 00000260 _____ () C:\Windows\Tasks\Launch 21752.job
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00001109 _____ () C:\Users\Martina\Desktop\YouTube Accelerator.lnk
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-03 17:26:34
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:22 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 10:33 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x800706b5, Die Schnittstelle ist unbekannt.
.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x800706b5, Die Schnittstelle ist unbekannt.
]

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_RpcSs, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c339ee
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000bf27
ID des fehlerhaften Prozesses: 0x310
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_RpcSs0
Pfad der fehlerhaften Anwendung: svchost.exe_RpcSs1
Pfad des fehlerhaften Moduls: svchost.exe_RpcSs2
Berichtskennung: svchost.exe_RpcSs3

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-03T09:50:49Z. Error Code: 0x80070032.

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


System errors:
=============
Error: (09/03/2014 04:10:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 03:33:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SPDRIVER_1.37.0.486" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (09/03/2014 03:29:50 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde mit folgendem dienstspezifischem Fehler beendet: %%0.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Remoteprozeduraufruf (RPC)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Computers.

Error: (09/03/2014 03:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RPC-Endpunktzuordnung" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/03/2014 07:46:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/03/2014 07:46:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wajam Internet Enhancer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:45:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Services" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 07:44:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎09.‎2014 um 07:43:25 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:31:58 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x800706b5, Die Schnittstelle ist unbekannt.

Error: (09/03/2014 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_RpcSs6.1.7600.163854a5bc3c1RPCRT4.dll6.1.7601.1853253c339eec0000005000000000000bf2731001cfc73a2ab20ee7C:\Windows\system32\svchost.exeC:\Windows\system32\RPCRT4.dll5e522420-336e-11e4-87f2-810b0bc3ec01

Error: (09/03/2014 09:56:49 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-03T09:50:49Z

Error: (09/03/2014 07:43:34 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15587620

Error: (09/03/2014 07:43:33 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15586606

Error: (09/03/2014 07:43:32 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15586606


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 47%
Total physical RAM: 4077.86 MB
Available physical RAM: 2152.59 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5727.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.89 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.32 GB) NTFS
Drive e: (SLEEPING_WITH_THE_ENEMY) (CDROM) (Total:4.43 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

M-K-D-B 03.09.2014 16:35
Suchlauf von MBAM und JRT bitte noch nachreichen, dann kann es weitergehen. :)

Tinti 03.09.2014 17:34
bei Malware findet er nichts mehr :-)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Martina on 03.09.2014 at 17:49:57,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2921778440-697364257-2174348754-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{87EA3B72-62EE-4507-9E84-22DA985E963A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Martina\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"



~~~ FireFox

Successfully deleted: [File] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted: [Folder] C:\Users\Martina\AppData\Roaming\mozilla\firefox\profiles\8qahtb8s.default\extensions\toolbar_avira-v7@apn.ask.com



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.09.2014 at 17:57:38,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
passt das jetzt so? ggg

M-K-D-B 04.09.2014 08:15
Gut gemacht. :)



So geht es weiter:




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    :folderfind
    *YouTubeAccelerator*
    *ShopperPro*
    *Shopper-Pro*
    *SpeedMaxPc*
    *simplitec*
    *InetStat*
    *Wajam*
    *FindRight*
    *FlvPlayer*
    *globalUpdate*
    *Goobzo*
    *istartsurf*

    :regfind
    YouTubeAccelerator
    ShopperPro
    Shopper-Pro
    SpeedMaxPc
    simplitec
    InetStat
    Wajam
    FindRight
    FlvPlayer
    globalUpdate
    Goobzo
    istartsurf
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 3
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST.

Tinti 04.09.2014 10:28
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)

M-K-D-B 04.09.2014 10:45
Zitat:
Zitat von Tinti (Beitrag 1353914)
Bei Schritt 1 wird nichts erstellt. Ich habs aber richtig gemacht. :-)
Wurde der Neustart durchgeführt?

Logdatei findet sich unter: D:\Martina\Desktop\fixlog.txt

Tinti 05.09.2014 07:05
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014
Ran by Martina at 2014-09-04 11:15:30 Run:1
Running from D:\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
C:\Program Files (x86)\YouTube Accelerator
BHO: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper64.dll No File
C:\ProgramData\YTAHelper
BHO-x32: YTAHelper -> {FCE3FA8B-BA81-467C-81D8-E43C00D1BC71} -> C:\ProgramData\YTAHelper\YTAHelper.dll No File
FF Extension: Youtube Accelerator Helper - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-08-21]
S2 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group
C:\Users\Martina\AppData\Roaming\Nico Mak Computing
C:\Users\Martina\Desktop\YouTube Accelerator.lnk
Task: C:\Windows\Tasks\Launch 21752.job => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
Task: C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe <==== ATTENTION
C:\ProgramData\ShopperPro
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
EmptyTemp:
end
       
*****************

HKU\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoobzoYouTubeAccelerator => value deleted successfully.
"C:\Program Files (x86)\YouTube Accelerator" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"C:\ProgramData\YTAHelper" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}" => Key deleted successfully.
C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} => Moved successfully.
YouTubeAcceleratorService => Service deleted successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\Martina\AppData\Roaming\Nico Mak Computing => Moved successfully.
C:\Users\Martina\Desktop\YouTube Accelerator.lnk => Moved successfully.
C:\Windows\Tasks\Launch 21752.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d2d37505a2a6c55326c342341.job => Moved successfully.
C:\Windows\Tasks\SPBIW_UpdateTask_Time_323935343339393034362d5b784a456c2a23342a325557.job => Moved successfully.
"C:\ProgramData\ShopperPro" => File/Directory not found.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
EmptyTemp: => Removed 286.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 07:45 on 05/09/2014 by Martina
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== folderfind ==========

Searching for "*YouTubeAccelerator*"
No folders found.

Searching for "*ShopperPro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro        d------        [13:29 03/09/2014]
C:\Users\Public\Documents\ShopperPro        d------        [14:09 21/08/2014]

Searching for "*Shopper-Pro*"
No folders found.

Searching for "*SpeedMaxPc*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\UUS3\speedmaxpc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]

Searching for "*simplitec*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]

Searching for "*InetStat*"
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat        d------        [13:29 03/09/2014]

Searching for "*Wajam*"
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]

Searching for "*FindRight*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight        d------        [13:29 03/09/2014]

Searching for "*FlvPlayer*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer        d------        [13:29 03/09/2014]

Searching for "*globalUpdate*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate        d------        [13:29 03/09/2014]

Searching for "*Goobzo*"
C:\Users\Public\Documents\GOOBZO        d------        [14:09 21/08/2014]

Searching for "*istartsurf*"
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\istartsurf        d------        [13:29 03/09/2014]

========== regfind ==========

Searching for "YouTubeAccelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"URLInfoAbout"="hxxp://www.youtubeaccelerator.com/support/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Contact"="support@youtubeaccelerator.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"HelpLink"="hxxp://www.youtubeaccelerator.com/about/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"DisplayIcon"="C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe,-0"

Searching for "ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"UninstallString"="C:\Program Files (x86)\ShopperPro\SPremove.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayIcon"="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
@="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"EXELOCATION"="C:\Program Files (x86)\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"ChromeExtFile"="ShopperPro.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"DBLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"CONFIGLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"

Searching for "Shopper-Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayName"="Shopper-Pro"

Searching for "SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"InstallLocation"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayName"="SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayIcon"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\speedmaxpc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"UninstallString"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"URLInfoAbout"="hxxp://www.SpeedMaxPc.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"Publisher"="SpeedMaxPc"

Searching for "simplitec"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"InstallLocation"="C:\Program Files (x86)\simplitec\simplicheck\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"Publisher"="simplitec GmbH"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"DisplayName"="simplitec simplicheck"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F]
"ProductName"="simplitec simplicheck"

Searching for "InetStat"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\ShowFullPath]
"RegPath"="Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]

Searching for "Wajam"
No data found.

Searching for "FindRight"
No data found.

Searching for "FlvPlayer"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "globalUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\globalUpdate]

Searching for "Goobzo"
[HKEY_LOCAL_MACHINE\SOFTWARE\GOOBZO]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Publisher"="Goobzo Ltd."
[HKEY_USERS\.DEFAULT\Software\GOOBZO]
[HKEY_USERS\S-1-5-18\Software\GOOBZO]

Searching for "istartsurf"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]

-= EOF =-
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Martina at 2014-09-05 07:57:05
Running from D:\Martina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.28 - Abelssoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.4.5 - Telerik)
FontForge 2012-07-31 (HKLM-x32\...\FontForge) (Version: 2012-07-31 - )
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hartlauer Foto World (HKLM-x32\...\Hartlauer Foto World) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
High-Logic FontCreator 8 (HKLM-x32\...\FontCreator8_is1) (Version:  - High-Logic B.V.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Leawo PowerPoint to Video Converter version 2.7.1.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.7.1.0 - Leawo Software)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 13.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0.1 (x86 de)) (Version: 13.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Treiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.19.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.19.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6721 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shopper-Pro (HKLM-x32\...\ShopperPro) (Version:  - )
simplitec simplicheck (HKLM-x32\...\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}) (Version: 1.3.9.0 - simplitec GmbH)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_88) - Goobzo Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2921778440-697364257-2174348754-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

28-08-2014 21:18:18 Windows Update
02-09-2014 05:07:47 Installed SpyHunter
02-09-2014 05:15:58 Removed SpyHunter
02-09-2014 05:50:31 Installed SpyHunter
02-09-2014 06:43:19 Removed SpyHunter

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {136E99D8-6048-466C-A642-6ED03D639BE9} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {A9EB2394-AF1F-446F-BB25-754EC1B3C9B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {B78E6EA3-3BE7-484B-948E-4076ECF61197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-15] (Google Inc.)
Task: {C72E5E18-FF2C-49F1-8FC2-B294810C7742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-NB01KRZBMA-Martina.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a54415c3b16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe

==================== Loaded Modules (whitelisted) =============

2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-04 16:21 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-29 17:53 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-05 07:42 - 2014-09-05 07:43 - 00139264 _____ () D:\Martina\Desktop\SystemLook.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-04 11:18 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Martina\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-04 22:06 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Atheros AR3011 Bluetooth(R) Adapter
Description: Atheros AR3011 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2014-09-04T07:48:43Z. Error Code: 0x80070032.

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/05/2014 07:30:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/04/2014 11:20:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070

Error: (09/04/2014 11:19:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (09/04/2014 07:40:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "YouTubeAcceleratorService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/03/2014 08:52:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9922

Error: (09/04/2014 05:24:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/04/2014 07:54:43 AM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: 0x800700322014-09-04T07:48:43Z

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (09/03/2014 06:30:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-08-03 00:31:49.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.581
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.551
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-03 00:31:49.545
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.741
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.739
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.736
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-08-01 10:10:32.718
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 75%
Total physical RAM: 4077.86 MB
Available physical RAM: 1006.09 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 4566.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (LWC) (Fixed) (Total:78.03 GB) (Free:30.59 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:154.76 GB) (Free:137.31 GB) NTFS
Drive e: (ECLIPSE_D1) (CDROM) (Total:6.8 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 26558982)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=78 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Martina (administrator) on NB01KRZBMA on 05-09-2014 07:54:55
Running from D:\Martina\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Martina\Desktop\SystemLook.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) D:\Martina\Desktop\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-06-16] (Google Inc.)
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martina\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476a4-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476aa-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9f0476d6-d6a2-11e2-b1ce-90004eb858ed} - F:\AutoRun.exe
HKU\S-1-5-21-2921778440-697364257-2174348754-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {c3dde93d-99b1-11e3-9283-90004eb858ee} - F:\Startme.exe
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46388F1AA669CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\8qahtb8s.default
FF SearchEngineOrder.3: Bing
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2013-06-16]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/?gws_rd=ssl#q=was+ist+it+surf%3F"
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-31]
CHR Extension: (Google Drive) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-31]
CHR Extension: (Google-Suche) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-31]
CHR Extension: (Google Wallet) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-27]
CHR Extension: (Google Mail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-14] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-05] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 15:46 - 2014-09-05 07:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-03 15:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-03 15:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-03 15:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-03 15:11 - 2014-09-03 15:29 - 00000000 ____D () C:\AdwCleaner
2014-09-02 11:49 - 2014-09-05 07:55 - 00000000 ____D () C:\FRST
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-02 07:07 - 2014-09-02 08:45 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 16:25 - 2014-08-30 19:11 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-28 21:00 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:00 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:00 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-21 16:09 - 2014-09-03 07:46 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:48 - 2013-01-24 13:43 - 01415352 _____ (High-Logic B.V.) C:\Windows\SysWOW64\FontInstaller2.dll
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2014-08-20 20:46 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 21:09 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-16 10:48 - 2014-08-31 19:56 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-14 14:22 - 2014-08-19 15:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 07:27 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 07:27 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 07:27 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 07:27 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 07:27 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 07:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 07:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:44 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:44 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 20:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 20:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 20:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 20:44 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:44 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:44 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:44 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:43 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:43 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:43 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:43 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:43 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:43 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:43 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:43 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:43 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:43 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:43 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:43 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:43 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:43 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:43 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:43 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:43 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:43 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:43 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:43 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:43 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:43 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:43 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:43 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:43 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:43 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:43 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:43 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:43 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:43 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:43 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:43 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:43 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:43 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:43 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:43 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:43 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:43 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 20:43 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 20:43 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:42 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:42 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 20:41 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 20:41 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-06 12:12 - 2014-08-11 09:18 - 00000000 ____D () C:\ProgramData\tmp
2014-08-06 12:12 - 2014-08-06 14:31 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 07:55 - 2014-09-02 11:49 - 00000000 ____D () C:\FRST
2014-09-05 07:54 - 2014-09-03 15:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-05 07:46 - 2013-06-14 23:43 - 01835901 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:39 - 2009-07-14 06:45 - 00015104 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 07:30 - 2013-09-18 15:26 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-05 07:29 - 2009-07-14 06:51 - 00075381 _____ () C:\Windows\setupact.log
2014-09-04 22:06 - 2013-06-16 16:53 - 00002138 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 17:23 - 2013-08-09 13:39 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Skype
2014-09-04 11:18 - 2013-06-16 16:47 - 00000000 ____D () C:\Users\Martina\AppData\Local\Adobe
2014-09-04 11:16 - 2013-06-15 03:18 - 00459860 _____ () C:\Windows\PFRO.log
2014-09-03 17:57 - 2014-09-03 17:57 - 00001728 _____ () C:\Users\Martina\Desktop\JRT.txt
2014-09-03 17:48 - 2014-09-03 17:48 - 00000000 ____D () C:\Windows\ERUNT
2014-09-03 16:19 - 2014-09-03 16:19 - 00000000 ____D () C:\mbam.txt
2014-09-03 16:09 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-09-03 15:46 - 2014-09-03 15:46 - 00001065 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 15:46 - 2014-09-03 15:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-03 15:29 - 2014-09-03 15:11 - 00000000 ____D () C:\AdwCleaner
2014-09-03 15:29 - 2014-02-20 18:27 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-16 16:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-03 15:29 - 2013-06-15 00:32 - 00001024 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-03 15:29 - 2013-06-14 23:49 - 00001002 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 07:46 - 2014-08-21 16:09 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-02 21:44 - 2013-10-27 07:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashDumps
2014-09-02 08:45 - 2014-09-02 07:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-02 07:09 - 2014-09-02 07:09 - 00000000 _____ () C:\autoexec.bat
2014-09-01 14:33 - 2014-09-01 14:33 - 00003073 _____ () C:\AdwCleaner[R17].txt
2014-09-01 11:43 - 2013-11-29 17:31 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-09-01 11:18 - 2009-07-14 19:58 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-01 11:18 - 2009-07-14 19:58 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-01 11:18 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 20:35 - 2013-06-15 00:30 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\vlc
2014-08-31 19:56 - 2014-08-16 10:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\dvdcss
2014-08-31 18:21 - 2014-08-31 18:21 - 00003050 _____ () C:\AdwCleaner[S14].txt
2014-08-31 18:21 - 2014-08-31 18:21 - 00002951 _____ () C:\AdwCleaner[R16].txt
2014-08-30 20:38 - 2014-08-30 20:38 - 00110730 _____ () C:\AdwCleaner[S13].txt
2014-08-30 20:37 - 2014-08-30 20:37 - 00110629 _____ () C:\AdwCleaner[R15].txt
2014-08-30 19:11 - 2014-08-30 16:25 - 00000000 ____D () C:\Users\Martina\.birdfont
2014-08-30 16:25 - 2013-06-14 23:48 - 00000000 ____D () C:\Users\Martina
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Birdfont
2014-08-30 16:20 - 2014-08-30 16:20 - 00000000 ____D () C:\Program Files (x86)\Birdfont
2014-08-29 20:07 - 2009-07-14 06:45 - 05101376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 20:00 - 2014-08-27 20:00 - 00003072 _____ () C:\AdwCleaner[S12].txt
2014-08-27 20:00 - 2014-08-27 20:00 - 00003003 _____ () C:\AdwCleaner[R14].txt
2014-08-23 04:07 - 2014-08-28 21:00 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 21:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 21:00 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 16:09 - 2014-08-21 16:09 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: hxxp://www.jcomsoft.com) C:\Windows\SysWOW64\AniGIF.ocx
2014-08-21 16:09 - 2014-08-21 16:09 - 00000000 ____D () C:\Users\Martina\AppData\Local\CrashRpt
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\High-Logic FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\Users\Martina\AppData\Local\FontCreator
2014-08-21 09:48 - 2014-08-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\High-Logic FontCreator
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieUserList
2014-08-21 09:06 - 2014-08-21 09:06 - 00000000 __SHD () C:\Users\Martina\AppData\Local\EmieSiteList
2014-08-20 21:09 - 2014-08-20 21:09 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\DesktopIconGoodgame
2014-08-20 21:09 - 2014-08-20 20:28 - 00000000 ____D () C:\Program Files (x86)\FontForge
2014-08-20 20:46 - 2014-08-20 20:30 - 00000000 ____D () C:\Users\Martina\AppData\Local\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000366 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Abelssoft
2014-08-20 20:31 - 2014-08-20 20:31 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-20 20:30 - 2013-06-15 00:32 - 00113576 _____ () C:\Users\Martina\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-20 20:29 - 2014-08-20 20:29 - 00001013 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-20 20:29 - 2014-08-20 20:29 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-20 20:28 - 2014-08-20 20:28 - 00000000 ____D () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FontForge
2014-08-19 15:23 - 2014-08-19 15:23 - 00001100 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-19 15:23 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 15:23 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-19 15:22 - 2013-08-18 13:04 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-14 14:22 - 2013-08-18 13:04 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 08:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 07:52 - 2013-06-16 18:01 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 07:42 - 2013-08-14 20:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 07:36 - 2013-06-15 01:38 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 07:25 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 09:18 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\tmp
2014-08-07 08:58 - 2014-08-07 08:58 - 00000000 ____D () C:\Users\Martina\restore
2014-08-07 04:06 - 2014-08-13 20:41 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 20:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:31 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\hps
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Fotoviewer.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00001174 _____ () C:\Users\Public\Desktop\Hartlauer Foto World.lnk
2014-08-06 12:12 - 2014-08-06 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hartlauer Foto World
2014-08-06 12:00 - 2014-08-06 12:00 - 00000000 ____D () C:\Program Files\Hartlauer Foto World

Some content of TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-08-29 06:40

==================== End Of Log ============================
--- --- ---

--- --- ---

M-K-D-B 05.09.2014 09:49
Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
C:\Users\Public\Documents\ShopperPro
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\Users\Public\Documents\GOOBZO
C:\ProgramData\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von SecurityCheck.

Tinti 05.09.2014 16:10
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014
Ran by Martina at 2014-09-05 11:11:55 Run:2
Running from D:\Martina\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
BHO-x32: No Name -> {41564952-412D-5637-00A7-7A786E7484D7} ->  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
C:\Users\Public\Documents\ShopperPro
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
C:\Users\Public\Documents\GOOBZO
C:\ProgramData\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F
EmptyTemp:
end
       
*****************

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{41564952-412D-5637-00A7-7A786E7484D7} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}" => Key not found.
C:\Users\Public\Documents\ShopperPro => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec => Moved successfully.
C:\Users\Public\Documents\GOOBZO => Moved successfully.
"C:\ProgramData\ShopperPro" => File/Directory not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe => Key Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro => Failed to delete key at first attempt (Error: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro => Key Deleted Successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1} => Failed to delete key at first attempt (Error: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1} => Key Deleted Successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413} => Failed to delete key at first attempt (Error: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413} => Key Deleted Successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4} => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2} => Key not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F => Failed to delete key at first attempt (Error: C0000121), see next line.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F => Key Deleted Successfully.
EmptyTemp: => Removed 30.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
Hi,

ich habe Eset durchlaufen lassen aber bei mir steht nirgendwo log.

Lg Martina

oder ist es das??? gg


Code:
ystemLook 30.07.11 by jpshortstuff
Log created at 07:45 on 05/09/2014 by Martina
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== folderfind ==========

Searching for "*YouTubeAccelerator*"
No folders found.

Searching for "*ShopperPro*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro        d------        [13:29 03/09/2014]
C:\Users\Public\Documents\ShopperPro        d------        [14:09 21/08/2014]

Searching for "*Shopper-Pro*"
No folders found.

Searching for "*SpeedMaxPc*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\SpeedMaxPc\UUS3\speedmaxpc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc\SpeedMaxPc        d------        [13:29 03/09/2014]

Searching for "*simplitec*"
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\simplitec        d------        [12:08 27/05/2014]

Searching for "*InetStat*"
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat        d------        [13:29 03/09/2014]

Searching for "*Wajam*"
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0bc29433        d----c-        [18:08 29/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0cedc34e        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_0d29de4d        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_WajamInternetEnh_20e4428c1493712a4d3250b374adc03ff7ad47cb_cab_0eb6163e        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_02eee0de        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_035d29a0        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_099dfac4        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecb72b1        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ecddcc7        d----c-        [11:27 28/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ed21b8b        d----c-        [17:16 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_0ef20492        d----c-        [08:41 30/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1124621e        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1524203e        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd6b903        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1bd70935        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1e6c89f8        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1ec41259        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_1f3ec208        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_208901d5        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_20daea31        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_21cbc2b4        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_224ba8dd        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2276190d        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_22b57984        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_240358fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_247a9a2e        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_249f80e4        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_24d0d9eb        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_259f9aca        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25d5518a        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25ddf123        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25e3121b        d----c-        [19:45 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_25edc939        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2607d0b8        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_262640d8        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26383a53        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_263a4a69        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2643f883        d----c-        [19:50 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264a7253        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_264bea7f        d----c-        [19:46 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_269290fa        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26ba22ae        d----c-        [19:44 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_26cda130        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_270e6910        d----c-        [19:48 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_2734b1f2        d----c-        [19:47 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_278b311f        d----c-        [19:49 27/08/2014]
C:\Users\All Users\Microsoft\Windows\WER\ReportQueue\AppCrash_wajaminternetenh_7a12e73cb251afb23b69981263d4fe8247a7ec_cab_1e574700        d----c-        [19:45 27/08/2014]

Searching for "*FindRight*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FindRight        d------        [13:29 03/09/2014]

Searching for "*FlvPlayer*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FlvPlayer        d------        [13:29 03/09/2014]
C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer        d------        [13:29 03/09/2014]

Searching for "*globalUpdate*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate        d------        [13:29 03/09/2014]

Searching for "*Goobzo*"
C:\Users\Public\Documents\GOOBZO        d------        [14:09 21/08/2014]

Searching for "*istartsurf*"
C:\AdwCleaner\Quarantine\C\Users\Martina\AppData\Roaming\istartsurf        d------        [13:29 03/09/2014]

========== regfind ==========

Searching for "YouTubeAccelerator"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"URLInfoAbout"="hxxp://www.youtubeaccelerator.com/support/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Contact"="support@youtubeaccelerator.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"HelpLink"="hxxp://www.youtubeaccelerator.com/about/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"DisplayIcon"="C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe,-0"

Searching for "ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"UninstallString"="C:\Program Files (x86)\ShopperPro\SPremove.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayIcon"="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ShopperPro.exe]
@="C:\Program Files (x86)\ShopperPro\ShopperPro.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"EXELOCATION"="C:\Program Files (x86)\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"ChromeExtFile"="ShopperPro.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"DBLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\ShopperPro]
"CONFIGLOCATION"="C:\ProgramData\ShopperPro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}]
@="IShopperProBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0]
@="ShopperPro 1.0 Type Library"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}\1.0\0\win32]
@="C:\ProgramData\ShopperPro\ShopperPro64.dll"

Searching for "Shopper-Pro"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro]
"DisplayName"="Shopper-Pro"

Searching for "SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"InstallLocation"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayName"="SpeedMaxPc"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"DisplayIcon"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\speedmaxpc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"UninstallString"="C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"URLInfoAbout"="hxxp://www.SpeedMaxPc.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1341F917-C3E5-413E-A11C-AA58273843C4}]
"Publisher"="SpeedMaxPc"

Searching for "simplitec"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"InstallLocation"="C:\Program Files (x86)\simplitec\simplicheck\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"Publisher"="simplitec GmbH"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DF103EDA-7937-4966-8EFB-5EF5C38301F2}]
"DisplayName"="simplitec simplicheck"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\ADE301FD73976694E8BFE55F3C38102F]
"ProductName"="simplitec simplicheck"

Searching for "InetStat"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\ShowFullPath]
"RegPath"="Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState]

Searching for "Wajam"
No data found.

Searching for "FindRight"
No data found.

Searching for "FlvPlayer"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\db43ff0b_0]
@="{0.0.0.00000000}.{8eb66584-a5b4-48a7-866d-aee82a1737a7}|\Device\HarddiskVolume2\Program Files (x86)\FLVPlayer\FLVPlayer.exe%b{00000000-0000-0000-0000-000000000000}"

Searching for "globalUpdate"
[HKEY_LOCAL_MACHINE\SOFTWARE\globalUpdate]

Searching for "Goobzo"
[HKEY_LOCAL_MACHINE\SOFTWARE\GOOBZO]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator]
"Publisher"="Goobzo Ltd."
[HKEY_USERS\.DEFAULT\Software\GOOBZO]
[HKEY_USERS\S-1-5-18\Software\GOOBZO]

Searching for "istartsurf"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\istartsurf.com]
[HKEY_USERS\S-1-5-21-2921778440-697364257-2174348754-1000\Software\Microsoft\Internet Explorer\DOMStorage\www.istartsurf.com]

-= EOF =-
Code:
Results of screen317's Security Check version 0.99.87 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Avira Desktop 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 21 
 Java version out of Date!
 Adobe Reader XI 
 Mozilla Firefox 13.0.1 Firefox out of Date! 
 Google Chrome 36.0.1985.143 
 Google Chrome 37.0.2062.103 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

M-K-D-B 06.09.2014 10:42
Servus,




Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



Tinti 06.09.2014 15:24
Code:
Farbar Service Scanner Version: 21-07-2014
Ran by Martina (administrator) on 06-09-2014 at 16:18:15
Running from "D:\Martina\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

M-K-D-B 07.09.2014 07:56
Wenn du keine Probleme mehr hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.





Ändere regelmäßig alle deine Passwörter, jetzt nach der Bereinigung ist ein idealer Zeitpunkt dafür!
  • Verwende für jede Anwendung und jeden Account ein anderes Passwort.
  • Ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist das sehr wichtig.
  • Speichere keine Passwörter auf deinem PC, gib diese nicht an Dritte weiter.
  • Ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen.
  • Benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster.
  • Verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben.





Schritt 1
Du verwendest veraltete Software auf deinem Rechner, was ein Sicherheitsrisiko darstellt. Daher solltest du veraltete Software deinstallieren und anschließend die aktuellste Version installieren.
Folge dem Pfad Start > Systemsteuerung > Sofware / Programme deinstallieren.
Deinstalliere die folgenden Programme von deinem Rechner:
  • Java 7 Update 21
  • Mozilla Firefox 13
Starte deinen Rechner nach der Deinstallation neu auf.
Downloade und installiere dir bitte nun:Starte deinen Rechner nach der Installation neu auf.





Schritt 2
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.







Schritt 3
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.


Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti-Viren-Programm und zusätzlicher Schutz
  • Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist! Ein kostenloses Anti-Viren Programm, das wir empfehlen, wäre z. B. Avast! Free Antivirus oder Microsoft Security Essentials.
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt. Du kannst es zusätzlich zu deinem Anti-Viren Programm verwenden.
    Update das Tool und lasse es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • AdwCleaner
    Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
    Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt von der Herstellerseite auf den Desktop herunterladen. Auch dieses Programm kann parallel zu deinem Anti-Viren Programm verwendet werden.
  • SpywareBlaster
    Eine kurze Einführung findest du Hier


Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox
  • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
  • NoScript
    Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
  • AdblockPlus
    Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
    Es spart außerdem Downloadkapazität.


Performance
  • Halte dich fern von Registry Cleanern.
    Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
    Miekemoes Blogspot ( MVP )


Was du vermeiden solltest:
  • Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
  • Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..).
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
  • Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!



Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Tinti 07.09.2014 09:34
Hallo,

ich habe versucht secunnia PSI zu starten, geht aber nicht (installiert habe ich es

LG Martina

Hallo,

ich habe jetzt alle Schritte fertig. Ich hab noch eine Frage? Soll ich mir die alternative Browser auch noch installieren oder reichen alle anderen die du angeführt hast?

LG Martina

M-K-D-B 07.09.2014 12:07
Zitat:
Zitat von Tinti (Beitrag 1355269)
ich habe versucht secunnia PSI zu starten, geht aber nicht (installiert habe ich es
dann kannst du es wieder deinstallieren



Zitat:
Zitat von Tinti (Beitrag 1355269)
ich habe jetzt alle Schritte fertig. Ich hab noch eine Frage? Soll ich mir die alternative Browser auch noch installieren oder reichen alle anderen die du angeführt hast?
Ist nur ein Vorschlag meinerseits, deine Entscheidung.



Ich bin froh, dass wir helfen konnten :abklatsch:

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! :)

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Tinti 07.09.2014 19:02
Hey,

vielen Dank für deine Geduld. Hast mir echt sehr viel geholfen. :-)

Danke!!!

Lg

Tinti 22.10.2014 16:29
mein PC ist so langsam ich glaube ich habe einen Virus.
 
Hallo,
ich glaube ich hab schon wieder einen Virus wenn ich google chrom öffne kommt immer zuerst die Seite "Mysearchdial Search" und mein PC ist sehr langsam geworden. Ich habe versucht bei Einstellungen die Seite zu entfernen aber sie kommt trotzdem immer wieder.

Lg
Martina


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19